Site Archives
New FBI Georgia Robbery Suspect Website
The FBI has announced a new website to aid in the capture of robbery suspects in the state of Georgia. The site was created in cooperation with the Georgia Association of Bank Security. Georgiabankrobbery.com is “designed to assist law enforcement in the identification and apprehension of suspects throughout Georgia.” The public is encouraged to visit the site, which will list photographs and descriptions of robbery suspects along with a tip form to submit information.
BlackBerry Enterprise PDF Processing Vulnerability
GSA Reference Number: AD080717-01
Simply Put: BlackBerry Enterprise Server has a new vulnerability in its attachment processing engine. Basically, if an attacker attaches a maliciously formatted PDF file to an email and sends it to a BlackBerry user, the server processing the attachment could become compromised. The BlackBerry user would have to view the email attachment on his phone to trigger the attack. This is a vulnerability in the BlackBerry server and not BlackBerry phones. If this attack is successful, arbitrary code could be run on the Enterprise Server.
Multi-Vendor DNS Spoofing Vulnerability
GSA Reference Number: AD080709-01
Simply Put: Recently, multiple vendors have released patches to address a vulnerability in the DNS protocol. DNS is used for resolving host names and web addresses to IP addresses on the Internet. DNS servers will send out queries to other DNS servers when they receive a request for a host not stored in their database. When that happens, an attacker can respond to the request with a specially crafted packet with a malicious IP address. Since DNS takes the first response, this IP address will be written to its database and served to the users. Consequently, if a user tries to go to a website they might be redirected to a malicious website instead.
Microsoft Access Snapshot Viewer ActiveX Vulnerability
GSA Reference Number: AD080708-01
Simply Put: Microsoft Access included with Microsoft Office 2000 through 2003, including Office XP, is vulnerable to remote exploitation through Internet Explorer. If a user with MS Access installed browses to a malicious website, arbitrary files could be copied to the users machine. The vulnerability can be used to run malicious code on a user’s machine without notification or permission. Gladiator feels this issue is extremely critical.
Find It Quickly
Find what you're looking for quickly by using our keyword search. Can't find it? Try our links below.
Monthly Archives
Find posts by the month they were written.
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- July 2008
- May 2008
- April 2008
- March 2008
- January 2008
- December 2007
- November 2007